If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister(). 如果使用$_SESSION (or $HTTP_SESSION_VARS), 是不用注册session变量的,你已经注册了session变量,就应该直接用变量名来表示session变量,那$_SESSION (or $HTTP_SESSION_VARS)里的元素没有值就很正常了。
/* ii.php */
session_start();
?>
<FORM METHOD=POST ACTION="ii.php">
<input type=text name=number maxlength=4><img src="yan.php">
<INPUT TYPE="submit" name="sub">
</FORM><?
if(isset($HTTP_POST_VARS["sub"])){
if($HTTP_POST_VARS["number"]!=$HTTP_SESSION_VARS["auth"]||empty($HTTP_POST_VARS["number"])){
echo "验证码错误" ;
}else{
echo"验证码正确";
};
};
?>yan.php
<?php
session_start();
srand((double)microtime()*1000000); while(($authnum=rand()%10000)<1000);//生成四位随机整数验证码
$_SESSION['auth']=$authnum;//生成验证码图片
Header("Content-type: image/PNG");
$im = imagecreate(50,20);
$black = ImageColorAllocate($im, 200,10,0);
$white = ImageColorAllocate($im, 255,255,255);
$gray = ImageColorAllocate($im, 230,230,230);
imagefill($im,68,30,$gray); //将四位整数验证码绘入图片
//位置交错
for ($i = 0; $i < strlen($authnum); $i++) {
if ($i%2 == 0) $top = 1;
else $top = 5;
imagestring($im, 5, 10*$i+6, $top, substr($authnum,$i,1), $black);
}for($i=0;$i<150;$i++) //加入干扰象素
{
imagesetpixel($im, rand()%70 , rand()%30 , $black);
} ImagePNG($im);
ImageDestroy($im);?>